General

  • Target

    7082969fe608a1152b0d57c89a88deb7

  • Size

    1.1MB

  • Sample

    231226-p83f2segel

  • MD5

    7082969fe608a1152b0d57c89a88deb7

  • SHA1

    2d1080859d1330d29058d405933997514b4beb56

  • SHA256

    cf20e362550cdde7afb806d6f6da981fb7de2d33a671c6895f903706b2de6e8a

  • SHA512

    3e63e50f98ab3c863dc0442f43aa4c211e2e06ffcb78718d72a54e1d26f372a2f4583806ba579c0e256d0b508f68cebab628ebd7291df135d358c233c40c96f0

  • SSDEEP

    24576:jAAYnBxBE1NdOgvwbGIzRsTXqDXjviCI5vXSJDwX3Ww5ZeFLLTr:jAfUm8wy3qDTvilCJDW5ZeFvX

Score
9/10

Malware Config

Targets

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks